Prevent Error 500s with invalid relative links

https://gitlab.com/gitlab-org/gitlab-ce/issues/52009

Prevent Error 500s with invalid relative links
https://gitlab.com/gitlab-org/gitlab-ce/issues/52009
c92372e8 · Stan Hu · d9241761 · c92372e8 · c92372e8 · c92372e8
Commit c92372e8 authored Sep 29, 2018 by Stan Hu
3 changed files
--- a/changelogs/unreleased/sh-fix-issue-52009.yml
+++ b/changelogs/unreleased/sh-fix-issue-52009.yml
+---
+title: Prevent Error 500s with invalid relative links
+merge_request: 22001
+author:
+type: fixed
--- a/lib/banzai/filter/relative_link_filter.rb
+++ b/lib/banzai/filter/relative_link_filter.rb
@@ -60,7 +60,11 @@ module Banzai
          path_parts.unshift(relative_url_root, project.full_path)
        end
+        begin
          path = Addressable::URI.escape(File.join(*path_parts))
+        rescue Addressable::URI::InvalidURIError
+          return
+        end
        html_attr.value =
          if context[:only_path]

--- a/spec/lib/banzai/filter/relative_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/relative_link_filter_spec.rb
@@ -83,6 +83,11 @@ describe Banzai::Filter::RelativeLinkFilter do
    expect { filter(act) }.not_to raise_error
  end
+  it 'does not raise an exception with a space in the path' do
+    act = link("/uploads/d18213acd3732630991986120e167e3d/Landscape_8.jpg  \nBut here's some more unexpected text :smile:)")
+    expect { filter(act) }.not_to raise_error
+  end
  it 'ignores ref if commit is passed' do
    doc = filter(link('non/existent.file'), commit: project.commit('empty-branch') )
    expect(doc.at_css('a')['href'])